Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/ITrcnvSRWgvkvPKBmqliSB4wObg.roa
File: ITrcnvSRWgvkvPKBmqliSB4wObg.roa (raw, json)
Hash identifier: XKoQkLp+kIL2WQiEosGF8L+jbs863ALytPlh1oUoJ5A=
Subject key identifier: 21:3A:DC:9E:F4:91:5A:0B:E4:BC:F2:81:9A:A9:62:48:1E:30:39:B8
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8AFD6304B7FF156AFEDE9EA975DEF7
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/ITrcnvSRWgvkvPKBmqliSB4wObg.roa
Signing time: Sun 01 Jan 2023 13:35:03 +0000
ROA not before: Sun 01 Jan 2023 13:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16079
IP address blocks: 194.209.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:fd:63:04:b7:ff:15:6a:fe:de:9e:a9:75:de:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=213adc9ef4915a0be4bcf2819aa962481e3039b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:94:3d:9a:eb:92:e5:19:8a:f5:3c:f0:d2:a1:
60:d0:01:33:7a:34:2c:d8:78:f1:34:b6:75:a2:32:
9a:bf:db:68:8a:a1:a1:75:f9:26:24:7f:19:59:44:
12:01:0d:1b:30:1a:58:14:73:56:0f:07:ad:aa:0e:
9c:7f:6e:c8:51:f8:44:73:9c:19:e5:56:1d:c7:ef:
d6:a9:78:3d:c2:55:e5:d3:1e:6a:e3:de:43:f7:ab:
04:1e:0d:c1:dc:ce:19:58:f0:22:11:f8:8b:11:4a:
c8:91:bf:54:17:e0:79:48:70:d9:64:bc:db:c8:37:
25:aa:7f:96:87:61:ab:ae:2f:6c:98:69:a1:79:38:
cb:ac:a0:1a:6c:ed:58:04:50:dc:fa:46:4d:94:c1:
fb:9f:17:89:94:6b:2a:64:f7:6e:7c:53:43:4a:cc:
6f:8e:9a:b9:4d:92:9f:74:f6:35:8f:9d:0c:95:1e:
f8:f4:66:5a:e2:a4:46:bf:56:b4:db:37:1d:a7:da:
bf:88:c6:cf:45:15:74:63:1f:0b:d5:66:b9:29:4d:
39:86:30:69:ce:5b:c7:4b:53:42:56:53:13:3a:18:
cf:18:87:eb:5a:00:a2:71:a8:a2:e3:0e:36:42:0f:
13:e2:c9:cb:80:85:05:db:6d:91:d2:ea:d0:5e:82:
43:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3A:DC:9E:F4:91:5A:0B:E4:BC:F2:81:9A:A9:62:48:1E:30:39:B8
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/ITrcnvSRWgvkvPKBmqliSB4wObg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.159.0/24
Signature Algorithm: sha256WithRSAEncryption
40:55:1a:68:20:a0:bd:c9:2b:0c:7b:96:38:26:aa:f7:75:83:
b2:3b:41:72:39:f7:40:4a:a7:4c:66:23:cf:b1:fc:e1:00:76:
9a:c4:be:d2:fe:22:cb:62:fc:cd:9a:ab:c1:9a:09:c3:f8:d3:
62:57:0b:ca:43:70:78:56:07:74:d2:c3:2d:b0:4e:b0:cd:a3:
c8:a2:f0:57:ca:cb:b3:24:28:c9:ef:b5:a9:67:0a:ca:e8:36:
48:51:8b:a2:7a:3b:65:40:58:6b:cd:b5:46:a9:30:32:e3:a9:
cb:5a:bd:c7:94:29:e1:52:b8:5a:bb:9d:de:07:ed:6c:1f:92:
58:7a:f9:97:b4:3a:ee:59:a8:6c:f3:4b:1d:c7:b4:f3:62:b2:
a1:3f:b4:9f:10:ae:77:ae:06:8d:e7:9b:f0:50:53:d1:8e:da:
0e:ba:1d:b1:61:00:22:50:c4:91:91:59:92:d2:ff:09:16:dc:
0d:1b:7b:b6:84:4f:62:08:1b:a9:4a:09:41:06:4a:1e:3e:19:
12:0a:56:14:97:21:cc:00:e3:a8:da:42:76:64:1c:24:55:e2:
f1:cd:91:5f:44:6a:b1:67:8f:af:3c:c4:42:47:8c:ed:ac:aa:
ba:1e:89:9d:b6:13:4a:33:27:cc:bc:af:1a:ed:11:d7:25:24:
f0:93:81:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtiv1jBLf/FWr+3p6pdd73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTNhZGM5ZWY0OTE1YTBiZTRiY2YyODE5YWE5NjI0ODFlMzAzOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZQ9muuS5RmK9Tzw0qFg0AEzejQs
2HjxNLZ1ojKav9toiqGhdfkmJH8ZWUQSAQ0bMBpYFHNWDwetqg6cf27IUfhEc5wZ
5VYdx+/WqXg9wlXl0x5q495D96sEHg3B3M4ZWPAiEfiLEUrIkb9UF+B5SHDZZLzb
yDclqn+Wh2Grri9smGmheTjLrKAabO1YBFDc+kZNlMH7nxeJlGsqZPdufFNDSsxv
jpq5TZKfdPY1j50MlR749GZa4qRGv1a02zcdp9q/iMbPRRV0Yx8L1Wa5KU05hjBp
zlvHS1NCVlMTOhjPGIfrWgCicaii4w42Qg8T4snLgIUF222R0urQXoJDywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCE63J70kVoL5LzygZqpYkgeMDm4MB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvSVRyY252U1JXZ3ZrdlBLQm1xbGlTQjR3T2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwtGfMA0G
CSqGSIb3DQEBCwUAA4IBAQBAVRpoIKC9ySsMe5Y4Jqr3dYOyO0FyOfdASqdMZiPP
sfzhAHaaxL7S/iLLYvzNmqvBmgnD+NNiVwvKQ3B4Vgd00sMtsE6wzaPIovBXysuz
JCjJ77WpZwrK6DZIUYuiejtlQFhrzbVGqTAy46nLWr3HlCnhUrhau53eB+1sH5JY
evmXtDruWahs80sdx7TzYrKhP7SfEK53rgaN55vwUFPRjtoOuh2xYQAiUMSRkVmS
0v8JFtwNG3u2hE9iCBupSglBBkoePhkSClYUlyHMAOOo2kJ2ZBwkVeLxzZFfRGqx
Z4+vPMRCR4ztrKq6HomdthNKMyfMvK8a7RHXJSTwk4Fv
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:31:17 2025 by rpki-client